Oracle JDEdwards is prone to an information-disclosure vulnerability in JD Edwards EnterpriseOne Tools. The vulnerability can be exploited over the 'JDENET' protocol. The 'Enterprise Infrastructure SEC (JDENET)' sub component is affected.

Attackers can exploit this issue to obtain sensitive information such as the USER, ROLE, ENVIRONMENT tuples that may lead to further attacks.

Vendor Status:
Orcale had since issued an update for this vulnerability